California Consumer Privacy Rights

Effective Date: June 30, 2020

Graco Inc. (“Graco”) and its affiliates and subsidiaries (together “we”, “our”, or “us”) are committed to protecting your personal data. We recognize and value the trust that our Graco distributors and End Users place in us when providing us with personal data, which we are committed to safeguarding.

Because our sales are generally to distributors, resellers, and similar business entities, the California Consumer Privacy Act typically will not apply; however, our Graco Global Privacy Policy (“Global Policy”) remains relevant.  In the rare event the California Consumer Privacy Act apply to you, these California Consumer Privacy Rights (“California Rights”) will apply. 

These California Rights explain our personal data collection, usage, and disclosure practices in a framework in accordance with the California Consumer Privacy Act.  To that end, most sections of these California Rights explain rights similar to those outlined in our Global Policy.  Here, we will explain the following:

  1. What personal data we collect about you
  2. How we obtain the personal data about you
  3. How we use your personal data
  4. Who we share your personal data with
  5. How we protect your personal data
  6. What rights you have in relation to your personal data
  7. How we use cookies, tracking, and similar technologies
  8. How you can contact us
  9. How we will update these California Rights

By providing your personal data to us (whether via one of our websites, by email, in person or over the phone), you agree to the processing according to these California Rights.

In some cases, further notices highlighting certain uses we wish to make of your personal data together with the ability to opt in or out of selected uses may also be provided to you when we collect personal data from you.

 

1. What personal data we collect about you

We may collect and process different categories of personal data in the course of operating our business and providing our services, such as personal identifiers, commercial information, Internet information, and professional information. These include:

  • Contact information about you such as your first and last name, email address, your phone and fax number, your zip/postal code, your state and country of residence;
  • For businesses (such as sole proprietorships, if any) with accounts with Graco:

1.     Financial data, such as payment related information or bank account details;

2.     Your and your employee’s CIS, Partner Portal, or GEDI passwords;

3.     Contract information (provided the contract party is the end consumer) such as bank account information, creditworthiness, terms of payment and financing;

  • Demographic data such as your address;
  • Website usage and other technical data such as details of your visits to our websites or information collected through cookies and other tracking technologies;
  • Recruitment related data such as your curriculum vitae, your education and employment history, details of professional memberships and other information relevant to potential recruitment to Graco; and
  • Professional information related to you and to those of your employees with access to the CIS, Partner Portal, or GEDI account consisting of your company name, first and last name, (function) title, email address, the company’s general manager’s name, the company’s website, the company’s address, the shipping address and your Graco account number.

2. How we obtain the personal data about you

We may collect or receive your personal data in a number of different ways:

  • Where you provide it to us directly, for example by corresponding with us by email, or via other direct interactions with us such as completing a form on our website or registering for and using one of our online tools such as CIS, Partner Portal, or GEDI;
  • Where we monitor use of, or interactions with, our websites, any marketing we may send to you, or other email communications sent from or received by Graco;
  • Third party providers, for example, Salesforce, Marketo, and Workday; or
  • Publicly available sources – we may, for example, use such sources to help us keep the contact details we already hold for you accurate and up to date or for professional networking purposes, e.g. LinkedIn.

3. How we use your personal data

We will only use your personal data where we are permitted to do so by applicable law. We use your data for a variety of business and commercial purposes:

  • Contract performance: where your information is necessary to enter into or perform our contract with you;
  • Legal obligation: where we need to use your information to comply with our legal obligations;
  • Legitimate interests: where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights;
  • Legal claims: where your information is necessary for us to defend, prosecute or make a claim against you, us or a third party; and
  • Consent: where you have consented to our use of your information (you will have been presented with a consent form or facility in relation to any such use and may withdraw your consent through an unsubscribe or similar facility).

We may use your personal data in the following ways:

  • To provide our business portals to you and to conduct our business – to administer and perform our services, including to carry out our obligations arising from any agreements entered into between you and us;
  • To facilitate use of our websites and to ensure content is relevant – to respond to requests for information or inquiries from visitors to our websites and to ensure that content from our websites is presented in the most effective manner for you and for your device;
  • Communicate with you upon a request for information, product support, or for the purpose of customer service;
  • For marketing and business development purposes – Inform you about our products and services, events, newsflashes, newsletters, surveys, purchases of services and/or products (we will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by contacting us);
  • For research and development purposes – analysis in order to better understand your and our end user product and marketing requirements and to better understand our business and develop our products and offerings;
  • To inform you of changes – to notify you about changes to our Products or these California Rights;
  • To reorganize or make changes to our business – In the event that we are undergo a re-organization (for example if we merge, combine or divest a part of our business), we may need to transfer some or all of your personal data to the relevant third party (or its advisors) as part of any due diligence process or transfer to that re-organized entity or third party your personal data for the same purposes as set out in these California Rights or for the purpose of analyzing any proposed re-organization.

4. Who we share your personal data with

Any personal data that we collect or you provide to us may be shared with and processed by any Graco Inc. subsidiary. We may also share your personal data with a variety of the following categories of third parties:

  • Our Graco distributors;
  • Our insurers and insurance brokers;
  • Third party service providers to whom we outsource certain functions such as those listed in Section IV of the Global Policy; and
  • As required by public authorities, including law enforcement; and
  • In connection with a merger, joint venture, sale or transfer of all or a portion of our assets or stock, or other similar corporate transactions involving a change of ownership or control.

5. How we protect your personal data

See our Global Policy, Section IX.

 

6. What rights you have in relation to your personal data

If you have any questions about our use of your personal data, please contact us. Under certain circumstances and in accordance with applicable data protection laws, you have the right to request that we disclose to you what information we collect, use, disclose, and sell. You also have the right to request that a business delete any personal information about you which the business has collected about you.  To submit a request, you may reach us at toll-free 866-361-5924 or at privacy@graco.com.  Please note for your protection, any request sent to us to delete your personal information will be subject to a verification procedure that may require you to provide us with information about you that we have in our files.

Other considerations:

  • We may have disclosed your information as described above during the preceding 12 months, but we do not sell your personal information. We do not have actual knowledge that we sell the personal information of minors under 16 years of age.
  • We shall not discriminate against you for exercising any of your above rights.
  • You may designate an authorized agent to make a request to exercise your rights on your behalf. For your protection, we reserve the right to deny any request from an agent who does not submit proof that they have been authorized to act on your behalf.
  • You can exercise your right to stop email marketing messages from us at any time by using an unsubscribe facility or contacting us at privacy@graco.com.
  • If you contact us to exercise any of these rights we will check your entitlement and respond in most cases within 45 days.

7. How we use cookies, tracking, and similar technologies

See our Global Policy, Section III.

 

8. How you can contact us

See our Global Policy, Section II.

 

9. How we may update these California Rights

See our Global Policy, Section XIII.

Graco